On 29 Jul 2018, at 23:42, George Kadianakis desnacked@riseup.net wrote:
- From what I understand you are also hoping to use WTF-PAD to protect
against circuit fingerprinting and not just website fingerprinting. They told me that while this might be plausible, there is no current research on how well it can achieve that. Are we hoping to do that? And what research remains here? How can I help? Which parts of the Tor circuit protocol are we hoping to hide?
I am designing WTF-PAD to be a framework for deploying padding against arbitrary traffic analysis attacks. It is meant to allow us to define histograms on the fly (in the Tor consensus) as these are studied. The fact that they have not yet been studied is not super relevant to deploying the framework for it now.
ACK.
What other traffic analysis attacks are we looking at addressing here?
I'm thinking of stuff like "circuit fingerprinting of onion services", but I wonder if histograms and random sampling is too crude to actually be able to help against sophisticated attacks. I don't have a suggestion for something better currently.
On that topic, is it decided whether the adaptive padding of WTF-PAD will also happen during circuit construction, or only after that?
Padding during circuit construction should work with VPADDING cells: https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n508
At least it did last time I checked: https://github.com/teor2345/endosome/blob/master/client-or-22929.py https://trac.torproject.org/projects/tor/ticket/22929
We should avoid using PADDING cells during the handshake, because Tor sometimes closes the connection: https://github.com/teor2345/endosome/blob/master/client-or-22934.py
T
-- teor
Please reply @torproject.org New subkeys 1 July 2018 PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ----------------------------------------------------------------------